I would suggest that using ftp you delete the current Wordfence folder in your site’s plugins folder, and re-upload a copy from the repository. Then delete your existing site htaccess and upload your backup htaccess taken before you enabled Falcon. This should get you access back into your site with Wordfence enabled but not running Falcon caching (note that Falcon does not need to be enabled to ensure security protection and is mostly focused on caching performance). It also sounds like you should create a new user, give it administrator rights and then delete your old admin username. Finally, setup the login lockdown parameters in the Wordfence options to lock out users who are making repeated failed login attempts.
Good luck!
@ Mark
Happy to help out and flex my limited problem solving skills.
Thanks. I got back in my site after putting the original htaccess file back in and am now going to make a new admin user as suggested.
I am a complete novice but I am trying to learn. I can’t even figure out how someone got my username but I suspect they must have accessed my files in wordpress so I also added index.php files where others suggested to keep people from poking around.
@devil495
Great to hear you are back online.
About the username, one thing I found was that my SEO plugin (Yoast WordPress SEO) was creating a sitemap listing from my blog posts listed under my user/author name, so I also had to change my username. After selecting Disable author/user sitemap in XML Sitemap-User Sitemap my new username has stayed secure. Maybe something like this could be the culprit in your case?
